Aggregator

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_two_headers.php. The manipulation of the argument scripts leads to cross site scripting. This vulnerability was named CVE-2024-10753. The attack can be initiated remotely. Furthermore, there is an exploit available.

根据 Cyble 最新发布的漏洞报告，有近100 万台存在被积极利用漏洞的 Fortinet 和 SonicWall 设备正暴露在公开的互联网上。

11月1日，以“无界BOUNDLESS · 数织未来AI同行”为主题的2024 绿盟科技TechWorld智慧 […]

2024年10月22日，中国网络空间安全协会个人信息保护专业委员会成立大会在北京召开，该委员会由中央网信办数据 […]

2024年10月24日，由中国互联网协会与韩国互联网振兴院、大韩贸易投资振兴公社联合主办的“2024中韩个人信 […]

SharpExclusionFinder This C# program finds Windows Defender folder exclusions using Windows Defender through its command-line tool (MpCmdRun.exe). The program processes directories recursively, with configurable depth and thread usage, and outputs information about exclusions and scan progress....

The post SharpExclusionFinder: finds Windows Defender folder exclusions appeared first on Penetration Testing Tools.

Starkiller Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. Multi-user GUI application for interfacing with the Empire C2 server from any computer. Starkiller represents a huge step forward...

The post Starkiller: Frontend for PowerShell Empire appeared first on Penetration Testing Tools.

Venator – Threat Detection Platform A flexible detection system that simplifies rule management and deployment with K8s CronJob and Helm. Venator is optimized for Kubernetes deployment but is flexible enough to run standalone or...

The post venator: A flexible threat detection platform appeared first on Penetration Testing Tools.

What is DalFox DalFox is a powerful open-source tool that focuses on automation, making it ideal for quickly scanning for XSS flaws and analyzing parameters. Its advanced testing engine and niche features are designed...

The post dalfox: Parameter Analysis and XSS Scanning tool appeared first on Penetration Testing Tools.

A vulnerability has been found in Microsoft Windows Vista SP2 up to Server 2012 R2 and classified as problematic. Affected by this vulnerability is an unknown functionality in the library win32k.sys of the component Kernel-Mode Driver. The manipulation leads to improper access controls. This vulnerability is known as CVE-2016-0048. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

BackgroundIn DolphinScheduler for YARN tasks such as MapReduce (MR), Spark, Flink, and even Shell t

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_th.php. The manipulation of the argument scripts leads to cross site scripting. This vulnerability was named CVE-2024-10747. The attack can be initiated remotely. Furthermore, there is an exploit available.

error code: 1106

A vulnerability classified as critical was found in Microsoft Windows Vista SP2 up to Server 2008 R2. Affected by this vulnerability is an unknown functionality in the library win32k.sys. The manipulation leads to improper access controls. This vulnerability is known as CVE-2016-0048. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what SOC teams had to say.

A vulnerability was found in EPiServer Ektron CMS. It has been classified as critical. This affects an unknown part. The manipulation of the argument xslt leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2015-0923. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

今天接着给大家介绍10个开源情报培训机构​。